Sovereign Cloud: What It Is and How It Works

23 Aug 23 4 min read

After 2013, when everyone found out about PRISM, the US National Security Agency surveillance program, which collected data not only of the US nationals, but also abroad, the rules of digital exchange have started shifting. Over 145 countries now have a legislature on privacy — and it envisages the processing of all citizens’ data within the borders of their state. This was how demand for sovereign clouds emerged.

According to VMware Explore US estimates, the sovereign clouds market will reach $60 billion by 2025. Little by little, the companies choose this solution — VMware and IDC research shows that 53% of organizations on the planet plan on increasing the sovereignty of their infrastructure by 2028. But now they face such obstacles as high price and complexity in building a supremely secure system.

In this article, we show why everyone wants to have a sovereign cloud and how this service will soon be the standard of practice.

VMware Sovereign Cloud

One of the most common concepts of cloud sovereignty is the system developed by VMware. The company developed a special framework under its initiative, uniting cloud providers committed to data protection. The main idea of the company’s concept is that all data hosted in the cloud remains under the exclusive control of the country where it was collected, and operations with this data are conducted under national law.

If we look closer, according to VMware, a sovereign cloud:

protects critical data of private and public organizations;
supports the national economy;
uses security mechanisms that are tested and approved at the state level;
ensures compliance with data privacy laws;
improves client control over information.

Types of Sovereign Clouds

There is no single perfect concept of a sovereign cloud — each provider offers its own vision of this service.

One of the most stringent sovereign cloud models is offered by the American provider Oracle. It includes the following requirements:

Physical data storage within one country;
The client controls who access their information and from where;
Technical support and server maintenance are provided only by citizens of the same country;
The cloud complies with the laws of the country where it is located;
There is a dedicated server connection to the internet.

Oracle has also developed a sovereign cloud tailored for the EU, allowing corporations operating within the European Union to instantly access infrastructure that complies with GDPR (General Data Protection Regulation), European Data Protection Board recommendations, and other regulations.

Google Cloud does not have its own standalone service of this type, so it forms partnerships with local telecom companies to create sovereign clouds in different countries. Currently, the system operates smoothly in Germany, where the local company T-Systems has an exclusive ability to control the infrastructure on the Google Cloud platform, and the tech support consists only of EU citizens. Similar services have been implemented in France, Italy, and Spain.

Microsoft launched its sovereign cloud, Cloud for Sovereignty, in July 2022. It operates through over 60 Azure regional data centers, providing access to all standard Microsoft cloud services (Microsoft 365, Dynamics 365, and the Azure platform) and allows users to manage the placement of their data in these services and other cloud-deployed products.

Amazon Web Services claims that their clouds are “sovereign by default,” and in 2022, they introduced the Digital Sovereignty Pledge, promising “uncompromising control” over their clients and their compliance with sovereignty requirements. Users independently choose where their data is stored, who has access to it, and how it is encrypted.

Why It’s Needed

Regulatory requirements in certain sectors call for the use of a sovereign cloud, particularly in government, financial services, and healthcare. It is the very data that must be specially protected from external interference, as it involves state secrets and other confidential information that is especially vulnerable to malicious actions.

In general, businesses don’t always need a sovereign cloud, but it’s recommended — the practice makes it easier to comply with regulations like GDPR, improves the reliability of the company’s operations, and guarantees that customers have no issues with data protection. This is especially convenient for small and medium businesses, which may not have the resources to keep up with all the information security requirements — it’s easier to delegate such tasks to a trusted cloud operator.

When a service provider employs only citizens of a given country, collaborates with local contractors, and pays all taxes and fees into the national budget, it supports the local economy. Additionally, it’s easier to handle payments with it: since the provider’s legal entity is registered in the same country, payments are made in the same currency, and the contract operates under a single legal framework.

Trending articles

5 steps to get the most of your cloud strategy

23 May 24 6 min read

Cloud-first strategy in business means that the company’s operating activities are based primarily on the cloud infrastructure, which is optimized in terms of its cost and power. In this article, we show you what KPIs any enterprise should pay attention to so that it is certain it utilizes the best approach to cloud technologies.

Is Owning Servers More Profitable Than Cloud Services? Let’s Count TCO

31 Jul 23 12 min read

If your business is not critically susceptible to downtime, and you can wait for a day or two while IT team «revives» the website or CRM-system, then $800 servers will suffice. But if you can’t let yourself be «down» and don’t want to lose money, reputation and clients trust, we suggest that you read this article.

Why Business Needs IaaS: 5 Tasks Solved by the Cloud

10 Jul 23 9 min read

Why businesses need IaaS and what key business challenges can be efficiently solved by adopting cloud solutions.

Cloud Native capabilities for business: advantages and disadvantages of the solution

12 Aug 22 8 min read

The development of cloud technologies has shifted the priority from the question of “where services are deployed” to “how they are developed.” It became possible to create programs specifically for cloud environments, using the maximum advantages of specific platforms. This approach was called Cloud Native and became a forerunner of revolutionary changes in the development of IT infrastructure. Next, we will understand the features of the concept, what are the pros and cons of the approach, when it is appropriate and how to implement it.

Cloud Agnostic for Business: the features and benefits of the solution

27 Jul 22 6 min read

Let’s consider what kind of concept it is, what are its pros and cons, and when you should choose Cloud Agnostic architecture.

Cloud Technologies: What They Are and How They Benefit People and Business

13 Apr 23 6 min read

Cloud has entirely changed the principle of storing and transmitting information. Its technologies have made it possible to overcome the obstacles of physical space and opened up a new dimension of the internet.

Three misconceptions about the cloud and the shared responsibility model

24 Oct 22 4 min read

The most common concept of working with cloud services is the shared responsibility model. In this article, we will look at the most common misconceptions about it.

How GigaCloud is revolutionizing its private clouds and why it matters

20 May 22 7 min read

The cloud operator’s work does not end after building a private cloud and configuring it to meet the customer’s needs. The technical support service and the operations department monitor the events and indicators of the cloud. Specialists make the necessary changes, help customers deploy virtual infrastructures and, what is very important, they update the cloud.

How the cloud helps you get a PCI DSS certificate

01 Jun 21 6 min read

In 2018, British Airways, the largest airline company of the United Kingdom, experienced a large-scale breach of customer data. Hackers stole payment card information of about 380,000 people.

VDI for secure remote business operations

13 Sep 21 8 min read

What is a virtual desktop(VDI), how does it work, and what value does it bring to businesses.

Service Level Agreement at GigaCloud: what it is and why it matters

22 Jan 24 2 min read

When you become a client at GigaCloud, you are given a Service Level Agreement to sign. SLA is a document defining the level of service which the provider is expected to maintain for its clients.

Why transferring to a cloud improves the environment

04 Oct 22 5 min read

The rapid development of information technologies increases the demand for electricity. Climate scientists warn that excessive consumption of fossil fuel energy and, as a result, its carbon footprint, will accelerate global warming and climate change. Although the data centres of cloud operators consume a huge amount of electricity, they are more environmentally friendly than any own data centres and server rooms in enterprises. How is that possible.

Sovereign Cloud: What It Is and How It Works

VMware Sovereign Cloud

Types of Sovereign Clouds

Why It’s Needed

Trending articles

Subscribe to be on the same cloud with us